A carefully crafted invalid TLS handshake can cause Apache Traffic Server (ATS) to segfault. This affects version 6.2.2. To resolve this issue users running 6.2.2 should upgrade to 6.2.3 or later versions.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/105183 | Third Party Advisory VDB Entry |
https://github.com/apache/trafficserver/pull/2147 | Patch Third Party Advisory |
https://lists.apache.org/thread.html/ce404d2fe16cc59085ece5a6236ccd1549def471a2a9508198d966b1%40%3Cusers.trafficserver.apache.org%3E |
Configurations
History
07 Nov 2023, 03:01
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2018-08-29 13:29
Updated : 2024-02-28 16:48
NVD link : CVE-2018-8022
Mitre link : CVE-2018-8022
CVE.ORG link : CVE-2018-8022
JSON object : View
Products Affected
apache
- traffic_server
CWE
CWE-20
Improper Input Validation